|
Dex posted:my car has a warning light telling me to check the engine, so i started parking it by slamming it into walls. idiot hellbox trying to tell me how to live my life, gently caress that noise If my car forcibly pulled off the road every Tuesday for yet another recall, I’d be livid.
|
#
?
May 13, 2017 10:47
|
|
|
|
| # ? May 14, 2024 22:30 |
|
|
bet you can't wait for self-driving cars then
|
|
#
?
May 13, 2017 10:55
|
|
|
Platystemon posted:If my car forcibly pulled off the road every Tuesday for yet another recall, I’d be livid. We're like ten years away from that, max.
|
|
#
?
May 13, 2017 11:01
|
|
|
Microsoft dusted off the update tools for XP, 8, and Server 2003 for this, which gives you an idea of who is being hit. Apparently a researcher saw that the code checked a specific lengthy non existent domain name with every infection, so he bought that domain name and accidentally tripped a failsafe pausing further spread. If it finds that domain exists it cancels its attempt to infect the computer.
|
|
#
?
May 13, 2017 11:14
|
|
|
Teddybear posted:Microsoft dusted off the update tools for XP, 8, and Server 2003 for this, which gives you an idea of who is being hit. Whoa, what a hero.
|
|
#
?
May 13, 2017 11:16
|
|
|
Teddybear posted:Apparently a researcher saw that the code checked a specific lengthy non existent domain name with every infection, so he bought that domain name and accidentally tripped a failsafe pausing further spread. If it finds that domain exists it cancels its attempt to infect the computer. So was that the blackhat’s plan all along? The first whitehat to dig into the code finds the domain. The purchase of that domain signals that the jig is up. In short, it’s a canary.
|
|
#
?
May 13, 2017 11:32
|
|
|
Probably if he needed to stop the spread for whatever reason, he would have a way to do so. Someone just found it.
|
|
#
?
May 13, 2017 11:33
|
|
|
most of those tools are made to order, with the author taking a cut of the proceeds. if your client stops paying up, you turn on the killswitch and gently caress their business
|
|
#
?
May 13, 2017 11:36
|
|
|
I suddenly really want to know what the killswitch domain name was.
|
|
#
?
May 13, 2017 11:52
|
|
|
https://www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com , which is probably not what you were hoping for bunch of other words here https://gist.github.com/rain-1/989428fa5504f378b993ee6efbc0b168 for anyone who cares
|
|
#
?
May 13, 2017 11:57
|
|
|
Malachite_Dragon posted:I suddenly really want to know what the killswitch domain name was. https://crashoveride.do.not And in an ideal world the URL would play the one loving good song from the Hackers soundtrack: https://www.youtube.com/watch?v=bV-hSgL1R74 Humphreys has a new favorite as of 13:46 on May 13, 2017 |
|
#
?
May 13, 2017 13:29
|
|
|
Humphreys posted:https://crashoveride.do.not YouTube link checks out.
|
|
#
?
May 13, 2017 13:58
|
|
|
Teddybear posted:Microsoft dusted off the update tools for XP, 8, and Server 2003 for this, which gives you an idea of who is being hit. About half of the cheap bastards I've worked for?
|
|
#
?
May 13, 2017 15:28
|
|
|
The computer I use for office work on Fridays is still using XP, as is the data entry terminal one step down. They are both the only two computers that can access our internal database. I have no idea when anything was last backed up.
|
|
#
?
May 13, 2017 16:51
|
|
|
marshmallow creep posted:The computer I use for office work on Fridays is still using XP, as is the data entry terminal one step down. They are both the only two computers that can access our internal database. I have no idea when anything was last backed up. If you don't know the answer to that question, its probably "never".
|
|
#
?
May 13, 2017 16:57
|
|
|
The schadenfreude is on anyone who still takes Bill Maher seriously, cos he legitimately believes the Trump administration's assertion that Comey was fired over Clinton's emails. What a maroon.
|
|
#
?
May 13, 2017 17:35
|
|
|
"How an idiot designs a bike race" https://www.youtube.com/watch?v=PXO_AqzVDB4
|
|
#
?
May 13, 2017 17:41
|
|
|
i have no idea how that race was supposed to go, because it looked like just a giant goddamned mess, but lmao @ the douchebag who eats it hard after trying to bunny-hop over the injured person lying in the road (GOTTA GO FAST!). Beautiful. it's me, the hippie bicycle commuter who is constantly angry at hobbyist bike racers treating the bike paths like their personal training track
|
|
#
?
May 13, 2017 17:58
|
|
|
Ak Gara posted:"How an idiot designs a bike race"  Why?
|
|
#
?
May 13, 2017 18:21
|
|
|
PostNouveau posted:
Doesn't look like they had police controlling each intersection on the race path either. Every once in a while a big group will ride through downtown Dallas and I've been stuck behind a green light with 100 cyclists just blowing through the red with no apparent authority or control. I've never done it, but in the dark, lizard-brain recesses of my mind I'm always tempted. "They had red I had green I don't know what happened officer I swear."  vvv Running makes you look guilty, this way I'm the innocent victim motorist of inconsiderate bike riders 
Takes No Damage has a new favorite as of 19:51 on May 13, 2017 |
|
#
?
May 13, 2017 18:43
|
|
|
Takes No Damage posted:Doesn't look like they had police controlling each intersection on the race path either. Every once in a while a big group will ride through downtown Dallas and I've been stuck behind a green light with 100 cyclists just blowing through the red with no apparent authority or control. I've never done it, but in the dark, lizard-brain recesses of my mind I'm always tempted. "They had red I had green I don't know what happened officer I swear." Why would you wait to speak to an officer?
|
|
#
?
May 13, 2017 18:49
|
|
|
Sagebrush posted:i have no idea how that race was supposed to go, because it looked like just a giant goddamned mess, but lmao @ the douchebag who eats it hard after trying to bunny-hop over the injured person lying in the road (GOTTA GO FAST!). Beautiful. It looked more like he was clipped in and couldn't stop hard enough. Now, WHY he couldn't stop hard enough is another question... Also, what the gently caress was the Volt driver doing?
|
|
#
?
May 13, 2017 20:21
|
|
|
insta posted:It looked more like he was clipped in and couldn't stop hard enough. Now, WHY he couldn't stop hard enough is another question... It's the race's car leading the leaders who went through that stupid loop thing and came back around as the group was going by in the other direction. Someone claiming to be the cyclist who hit the race official posted in the video's comments and said that it nearly ran over his head. quote:Hi- PostNouveau has a new favorite as of 21:01 on May 13, 2017 |
|
#
?
May 13, 2017 20:52
|
|
|
  
|
|
#
?
May 14, 2017 03:10
|
|
|
Teacher's pet in the front row, refusing to vacate his seat.
|
|
#
?
May 14, 2017 03:19
|
|
|
|
|
#
?
May 14, 2017 03:22
|
|
|
Drunk golfing https://zippy.gfycat.com/ShamefulWeightyCarp.mp4
|
|
#
?
May 14, 2017 03:23
|
|
|
Give this kid a goddamn medal. It doesn't matter which one.
|
|
#
?
May 14, 2017 03:46
|
|
|
Humphreys posted:https://crashoveride.do.not You mean you don't do your hacking to the amazing song that is Voodoo People? https://www.youtube.com/watch?v=vpCTMddpQNs
|
|
#
?
May 14, 2017 03:46
|
|
|
Teddybear posted:Microsoft dusted off the update tools for XP, 8, and Server 2003 for this, which gives you an idea of who is being hit. Platystemon posted:So was that the blackhat’s plan all along? Teddybear posted:Probably if he needed to stop the spread for whatever reason, he would have a way to do so. Someone just found it. Dex posted:most of those tools are made to order, with the author taking a cut of the proceeds. if your client stops paying up, you turn on the killswitch and gently caress their business Article by the researcher who registered the domain. quote:The reason which was suggested is that the domain is a “kill switch” in case something goes wrong, but I now believe it to be a badly thought out anti-analysis.
|
|
#
?
May 14, 2017 03:46
|
|
|
Crane tips over https://www.youtube.com/watch?v=sq3wcxFz4yk
|
|
#
?
May 14, 2017 04:32
|
|
|
*pretending to be smart enough to understand any of this* Aha, yes! Of course!
|
|
#
?
May 14, 2017 05:17
|
|
|
Rough Lobster posted:*pretending to be smart enough to understand any of this* In the bowels of the evil machine there is a big red button. Our heroes say “I wonder what this does” and press it. It stops the machine. It was supposed to do that—stop the machine so that the heroes couldn’t get a good luck at its inner workings. But our heroes pressed the button really hard and stopped all the evil machines, not just the one they were poking around inside.
|
|
#
?
May 14, 2017 05:28
|
|
|
Rough Lobster posted:*pretending to be smart enough to understand any of this* The researcher is saying that when security researchers study malware, they run it in a virtual environment (emulated computer) where any attempts made by the malware to connect to external hosts (servers) are automatically redirected to a research computer, which pretends to be the host in question. That lets the researcher capture and examine the data that the malware is trying to send. This particular bit of software tries to connect to a gibberish website that shouldn't exist, and if it does manage to connect, it shuts down. The researcher thinks that this is a counter-analysis feature -- the malware knows the website should not exist, so if it does, it might mean the malware is running in a research system that pretends to be whatever the malware wants. It's clever.
|
|
#
?
May 14, 2017 05:32
|
|
|
Sagebrush posted:The researcher is saying that when security researchers study malware, they run it in a virtual environment (emulated computer) where any attempts made by the malware to connect to external hosts (servers) are automatically redirected to a research computer, which pretends to be the host in question. That lets the researcher capture and examine the data that the malware is trying to send. This particular bit of software tries to connect to a gibberish website that shouldn't exist, and if it does manage to connect, it shuts down. The researcher thinks that this is a counter-analysis feature -- the malware knows the website should not exist, so if it does, it might mean the malware is running in a research system that pretends to be whatever the malware wants. I'm not sure it makes sense as an anti-analysis technique, though. It relies on the presence of a complex url in the (unknown?) analysis environment to work.
|
|
#
?
May 14, 2017 05:55
|
|
|
TotalLossBrain posted:I'm not sure it makes sense as an anti-analysis technique, though. It relies on the presence of a complex url in the (unknown?) analysis environment to work. No, the sandbox environment redirects all traffic to something that looks like a working website, so you can also capture what the virus is trying to send
|
|
#
?
May 14, 2017 05:58
|
|
|
Sagebrush posted:The researcher is saying that when security researchers study malware, they run it in a virtual environment (emulated computer) where any attempts made by the malware to connect to external hosts (servers) are automatically redirected to a research computer, which pretends to be the host in question. That lets the researcher capture and examine the data that the malware is trying to send. This particular bit of software tries to connect to a gibberish website that shouldn't exist, and if it does manage to connect, it shuts down. The researcher thinks that this is a counter-analysis feature -- the malware knows the website should not exist, so if it does, it might mean the malware is running in a research system that pretends to be whatever the malware wants. I can't tell if leaving the test stuff in is stupid and clumsy since you should know not to publish that way? Or maybe alpha builds are the ultimate in malware? Or we're reading too much into this and only going to hurt our heads trying to second guess this? Or heck they got a pretty good read on the stuff that took out those Iranian centrifuges from a variable name that looked Jewish...
|
|
#
?
May 14, 2017 06:39
|
|
|
Imagine you are a member of La Résistance. You’re trying to stay hidden from the Secret Police while carrying out your operations. You figure that if they’re on to you, they’ll start seizing all your mail. Your have this clever idea to regularly send a letter to a non‐existent P.O. box. If that letter doesn’t end up returned to you as undeliverable, you will assume that the Secret Police are holding it. The flaw in the plan (or rather the one that matters in this analogy) is that all the Resistance cells are using the same fictitious P.O. box number. Someone noticed that there were a lot of letters being sent to the same non‐existent P.O. box. They didn’t know why, but they were curious, so they asked the post office if they could have that box number, at it was granted. The letters were gibberish and the return addresses were to abandoned houses, so receiving them isn’t important directly. What is important is that now, simultaneously, all the Resistance cells are freaking out that they’ve been busted. They’ve cut all lines of communication and gone into hiding. The Secret Police haven’t actually caught most of them, but their paranoia has paralysed them. They’re not longer carrying out subersive activities, which the authorities regard as a victory. Platystemon has a new favorite as of 06:52 on May 14, 2017 |
|
#
?
May 14, 2017 06:45
|
|
|
syscall girl posted:I can't tell if leaving the test stuff in is stupid and clumsy since you should know not to publish that way? Test environment as in, people looking to defeat the malware would run it in a test environment. The malware was designed to recognize it was in such a test environment, and turn itself off to prevent itself being tested.
|
|
#
?
May 14, 2017 06:50
|
|
|
|
| # ? May 14, 2024 22:30 |
|
|
Have some Hearthstone schadenfreude.
|
|
|
#
?
May 14, 2017 06:51
|
|
